Mostrar el registro sencillo del ítem

dc.contributor.authorRazaghpanah, Abbas
dc.contributor.authorNiaki, Arian Akhavan
dc.contributor.authorVallina-Rodriguez, Narseo 
dc.contributor.authorSundaresan, Srikanth
dc.contributor.authorAmann, Johanna
dc.contributor.authorGill, Phillipa
dc.description.abstractFirst standardized by the IETF in the 1990's, SSL/TLS is the most widely-used encryption protocol on the Internet. This makes it imperative to study its usage across different platforms and applications to ensure proper usage and robustness against attacks and vulnerabilities. While previous efforts have focused on the usage of TLS in the desktop ecosystem, there have been no studies of TLS usage by mobile apps at scale. In our study, we use anonymized data collected by the Lumen mobile measurement app to analyze TLS usage by Android apps in the wild. We analyze and fingerprint handshake messages to characterize the TLS APIs and libraries that apps use, and evaluate their weaknesses. We find that 84% of apps use the default TLS libraries provided by the operating system, and the remaining apps use other TLS libraries for various reasons such as using TLS extensions and features that are not supported by the Android TLS libraries, some of which are also not standardized by the IETF. Our analysis reveals the strengths and weaknesses of each approach, demonstrating that the path to improving TLS security in the mobile platform is not straightforward. Based on work published at: Abbas Razaghpanah, Arian Akhavan Niaki, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Johanna Amann, and Phillipa Gill. 2017. Studying TLS Usage in Android Apps. In Proceedings of CoNEXT ’17. ACM, New York, NY, USA, 13 pages.
dc.titleStudying TLS Usage in Android Apps
dc.typeconference object
dc.conference.date16 July 2018
dc.conference.placeMontreal, Canada
dc.conference.titleThe ACM, IRTF & ISOC Applied Networking Research Workshop 2018 (ANRW’18)*

Ficheros en el ítem


No hay ficheros asociados a este ítem.

Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem